Senior Sap Security/GRC Consultant
Resume:
Deepak Joshi
Email: **************@*****.*** Cell: 224 –436–0136
SUMMARY:
Senior Security Consultant having total 9 years of IT experience.
•
* ***** ** *** **** life cycle implementation experience including 2 year in SAP BW/BI, SAP BPC,
•
SAP Portal, BOBJ and GRC 5.3, GRC 10.
• Sound experience of working as a team lead for security projects and successfully implemented 2 end
to end SAP security Implementations.
• Extensive experience of working on SAP ECC 6.0/5.0, 4.6C with expertise in developing and
documenting security roles, processes and procedures.
• Designed and developed roles in SAP R/3, ECC, BI, PI and CRM.
• Experience in implementing different SAP modules MM, SD, PP, FICO, WM, BASIS and PM.
• Good Knowledge of SAP GRC tools SPM, RAR and CUP.
• Hands-on experience on building corporate security Policies and Procedures, developing change
document template as per the SAP best practices, implementing security tools for access control, auditing
& reporting and Request for Proposal (RFP) for SAP security projects.
• Handled project managements activities, contribution for SAP practice, member of interview panel.
• Worked on SAP Check Indicator Defaults and Field values, reduced the scope of Authorization checks
using transaction SU24 and maintained check indicators for Transaction codes.
• Maintain password/logon security profiles parameters.
• Used Profile Generator PFCG for creation, modifying roles, composite roles and derived roles.
• Restricted roles by Company Code, Plant, Cost Center, Profit Center and Purchasing Organization etc.
• Extensively working with Sarbanes-Oxley Compliance Teams – Strategy management related to SAP
business processes, transactions, control infrastructure, and financial reporting process.
• Experience of working on Business Information Warehouse 3.5 and BI 7.0 Securities using transaction
codes RSSM and RSECADMIN with expertise in developing security for RRMX and workbench
administration.
• Maintained restrictions based on info cube, characteristic, characteristic value, Key figure, Hierarchy
level node.
• Experience in implementing and managing central user administration for large number of user
population with experience of using various CUA tool to manage and distribute changes.
• Adept in defining, monitoring, and enforcing SAP Security policies and authorizations; enhancing
current SAP security solutions as needed and managing the user population through Central User
Administration.
• Proficiency in maintaining security audit log configuration, analysis, and reorganization.
• Extensively used SUIM transaction code for security analysis.
• Performed roles transport throughout landscape.
• Conducted end user security training for clients.
• Experience in creating technical documentation and training manuals.
• Extensive IT Security experience in ERP, Legacy Systems i.e. AS400 and third party products like
TRAX, CROWN, REBUS and QTAR in various geographies i.e. India, Europe and USA.
• IT best practices, ITIL Certified (Scored 90%).
TECHNICAL SKILLS:
ERP: SAP R/3 4.x/ ECC 6.0 ( MM, PP, FICO, WM, SD,PM) SAP BW 3.5/ BI 7.0, SAP EP 7.0, SAP
•
CRM.
• TOOLS: PFCG, GRC 5.3, GRC10 and SUIM.
OTHERS: MS Visio 2007, MS Project Planner 2003 and MS Office 2007.
•
INCIDENT MANAGEMENT: Remedy, Assyst.
•
CHANGE MANAGEMENT: Change Management Automation Tool.
•
EXPERIENCE SUMMARY:
Johnson Controls
Holland, MI, USA
SAP ECC, BI/BW & BPC Security Lead (Dec2012 – Till Date)
Working as a Onsite Lead in a team of 5 members.
•
Responsible for SAP ECC, BW/BI, BOBJ, BPC and GRC 10 production support.
•
Responsible for ECC user and role maintenance.
•
Responsible for design and development of ECC, BI and BPC security roles.
•
Responsible for implementing SAP BPC and SAP BI Security for 1000 users across 750 plants.
•
Providing production support based on Remedy Ticketing system for severity 1, 2 and 3 incidents
•
within defined SLA.
Environment: SAP ECC 6.0, SAP BI 7.0 and SAP BPC 7.5
Walgreens
Chicago, IL, USA
SAP Security Lead (Oct2011 – Nov2012)
Responsible for SAP ECC production support.
•
Provided production support based on Remedy Ticketing system for severity 1, 2 and 3 incidents
•
within defined SLA.
• Worked on GRC 5.3 (RAR and SPM).
• Carried out extensive Security developments for quarterly projects.
• Gained good experience in ECC user and role maintenance.
• Gained good experience in SOD analysis and mitigation controls.
• Performed unit and integration testing.
• Maintained transaction selections and authorization data in roles.
• Designed and developed ECC security roles.
• Day to day analysis of causes of authorization problems and fixing the missing authorizations.
• Developed and troubleshoot BI roles in RSECADMIN.
• Published Queries to BI roles by using Bex Analyzer.
• Also worked for RFC proposals for various SAP Security projects.
• Designed and developed Training manuals for Super Users or Service Desk.
Environment: SAP ECC 6.0, BI 7.0, Solution Manager, GRC 5.3
GE
Syracuse, NY, USA
SAP Security Lead (Sept2010 – Sep2011)
SAP Security Lead Consultant.
•
Created custom roles for end users, process and technical teams in the sandbox, development, quality,
•
Training and production environments for all SAP modules.
• Extensively used Profile Generator (PFCG) for creating new roles and modifying existing roles based
on the business and functional requirement.
• Worked on RAR and SPM on GRC 5.3, did extensive Risk analysis on User/Role level.
• Provided fire fighter access to various users in production system.
• Developed appropriate solutions to security related issues and supported Post Go Live Environment.
• Analyzed the nomenclature of roles and suggested changes for new roles.
• Created and modified the roles based on business/functional requirements.
• Analyzing missing authorizations based on screen shot sent by the user.
• Worked with SU24 for identifying and maintaining required objects using transaction code.
• Extensively used SU01 for user maintenance, role assignments, password resets and user
locking/unlocking.
• Analyzed causes of authorization problems and fixed the missing authorizations.
• Developed and troubleshoot BI roles in RSECADMIN.
• Published Queries to BI roles by using Bex Analyzer.
Environment: SAP ECC 6.0, BI 7.0, GRC 5.3
United Biscuits
Liverpool, UK
SAP Security Lead (Apr2009 – Aug2010)
Carried out requirement gathering and analysis for SAP ECC upgrade and Go-Live support.
•
Extensively worked on Upgrade methodology.
•
Extensively worked on SAP GRC (SPM/CUP/RAR) functions.
•
Designed and developed ECC security roles.
•
Designed, Developed and Implemented SAP PM module security from Scratch.
•
Extensive experience in ECC user maintenance.
•
Gained good experience in SOD analysis and mitigation controls.
•
Performed unit and integration testing.
•
Created, maintained, locked, and unlocked users and change passwords.
•
Created and maintained composite roles and derived roles for different plant locations.
•
Maintained transaction selections and authorization data in roles.
•
Assigned mass roles to users through SU10 & Custom programs.
•
Created and transported roles and performed authorization analysis.
•
Developed security roles for BI Queries and reports.
•
Created and assigned roles in JAVA system.
•
Also worked as Security Lead for some third party products being used in United Biscuits like:
•
Trax, Qtar, Crown and REBUS.
Environment: SAP ECC 6.0, BI 7.0, EP 6.0 SAP Solution Manager, GRC 5.3
Punjab National Bank
New Delhi, India
Security Analyst (Consultant) (Jul2006 – Mar2009)
SAP Security Consultant.
•
Carried out requirement gathering and analyzing for SAP implementation and Go-Live support.
•
Extensively worked on Solution Manager and CUA.
•
Designed and developed ECC security roles.
•
Extensively worked on role clean up and Segregation of Duties (SOD).
•
Gained good experience in ECC user maintenance.
•
Analyzed new Tcodes and authorization objects in ECC 6.0.
•
Analyzed and updated SU24 settings in SAP for different T-codes.
•
Created, maintained, locked, and unlocked users and change passwords.
•
Created and maintained composite roles and derived roles.
•
Maintained transaction selections and authorization data in roles.
•
Created and transported roles and performed analysis authorizations.
•
Responsible for analyzing SU53 error checks during testing and to find missing authorizations and
•
transaction codes.
Environment: SAP ECC 6.0, ECC 4.6C, BI 3.5, SAP Solution Manager
Walgreens
Noida, India
Security Analyst (Consultant) (Jul2005 – Jul2006)
Created and modified the user profiles based on business/functional requirements for various AS/400
•
users.
Responsible for the developing profiles - Developer, Tester and Business Users etc in AS400 system.
•
Performed User Administration which included creating and managing users.
•
Created test IDs and test profiles to trouble shoot issues.
•
Trained and assisted users to use the system effectively.
•
Created profiles in various AS/400 systems i.e. development, testing and production system.
•
Environment: AS400, SYNON and DB2.
Counties Wake, Henderson, Catawba ETC in North Carolina (USA)
Noida, India
Team Member (Mar2005 - Jun2005)
Automated system for maintaining Land Record, property data, property, notifying owners and ensuring
•
tax equity through uniform valuation.
Customized to different Counties Wake, Henderson, and Catawba ETC in North Carolina (USA).
•
Database Admin and was responsible for providing access of database to different users like developers,
•
testers etc.
Did integration testing within various teams.
•
Environment: Oracle 9i, MySql and .Net Environment
Toyota Corporation, Japan
Noida, India
Team Member (Nov2004 – Feb2005)
Worked on the “GIS” project for Toyota Motors.
•
Supported automated navigation system in cars.
•
Worked on merging two technologies NT (NavTeq) and GDT/TeleAtlas.
•
Responsible for maintaining database of maps using MySQL.
•
Responsible for retrieving data regarding maps from various Tables.
•
Compared maps of two technologies with regard to some sets of predefined rules.
•
Environment: Oracle 9i, MySql and Java
EDUCATIONAL QUALIFICATION:
Bachelor Of Technology (Computer Science and Engineering), ABES Engineering College, U.P.
•
Technical University, India (2004 Batch).
Contact this candidate